ryanc/ansible
1
0
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity

Clean up ulogd.conf template

Browse Source
This commit is contained in:
Ryan Cavicchioni 2019-11-25 18:24:14 -06:00
parent 13d12faa86
commit 4540766d80
Signed by: ryanc
GPG Key ID: 877EEDAF9245103D
2 changed files with 40 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
roles/firewall/defaults/main.yaml
View File

@ -39,10 +39,19 @@ firewall_ulogd_package_name: ulogd2
firewall_ulogd_service_name: ulogd2.service firewall_ulogd_service_name: ulogd2.service
firewall_ulogd_config_path: /etc/ulogd.conf firewall_ulogd_config_path: /etc/ulogd.conf
firewall_ulogd_nflog_group: 1 firewall_ulogd_nflog_group: 1
firewall_ulogd_syslog_facility: LOG_LOCAL0
firewall_ulogd_syslog_level: LOG_INFO
firewall_iptables_nflog_group: 2 # debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
firewall_ulogd_log_level: 3
firewall_ulogd_packet_mode_enabled: yes
firewall_ulogd_packet_mode_syslog_facility: LOG_LOCAL0
firewall_ulogd_packet_mode_syslog_level: LOG_INFO
firewall_ulogd_flow_mode_enabled: yes
firewall_ulogd_flow_mode_syslog_facility: LOG_LOCAL1
firewall_ulogd_flow_mode_syslog_level: LOG_INFO
firewall_iptables_nflog_group: 1
firewall_drop_icmp_flood: true firewall_drop_icmp_flood: true
firewall_limit_icmp_flood_seconds: 1 firewall_limit_icmp_flood_seconds: 1

37
roles/firewall/templates/ulogd.conf.j2
View File

@ -1,10 +1,10 @@
[global] [global]
# logfile for status messages # logfile for status messages
#logfile="syslog" logfile="syslog"
# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5) # loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
#loglevel=3 loglevel={{ firewall_ulogd_loglevel | default(3) }}
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_NFLOG.so" plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_NFLOG.so"
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFCT.so" plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFCT.so"
@ -15,12 +15,31 @@ plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTFLOW.so"
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SYSLOG.so" plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SYSLOG.so"
plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_raw2packet_BASE.so" plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_raw2packet_BASE.so"
# this is a stack for logging packets to syslog after a collect via NFLOG {% if firewall_ulogd_packet_mode_enabled %}
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG stack=packet:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,syslog-packet:SYSLOG
{% endif %}
{% if firewall_ulogd_flow_mode_enabled %}
stack=flow:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,syslog-flow:SYSLOG
{% endif %}
[log1] {% if firewall_ulogd_packet_mode_enabled %}
group={{ firewall_ulogd_nflog_group | default(0) }} [packet]
group={{ firewall_ulogd_nflog_group | default(1) }}
{% endif %}
[sys1] {% if firewall_ulogd_flow_mode_enabled %}
facility={{ firewall_ulogd_syslog_facility | default("LOG_LOCAL0") }} [flow]
level={{ firewall_ulogd_syslog_level | default("LOG_INFO") }} #group={{ firewall_ulogd_nflog_group | default(1) }}
{% endif %}
{% if firewall_ulogd_packet_mode_enabled %}
[syslog-packet]
facility={{ firewall_ulogd_packet_mode_syslog_facility | default("LOG_LOCAL0") }}
level={{ firewall_ulogd_packet_mode_syslog_level | default("LOG_INFO") }}
{% endif %}
{% if firewall_ulogd_flow_mode_enabled %}
[syslog-flow]
facility={{ firewall_ulogd_flow_mode_syslog_facility | default("LOG_LOCAL1") }}
level={{ firewall_ulogd_flow_mode_syslog_level | default("LOG_INFO") }}
{% endif %}